Automated creation of OpenVPN config for all devices?

D

Denis2020-09-03 11:56:46

linux

Denis, 2020-09-03 11:56:46

Good afternoon everyone.

I encountered an inconvenience when setting up openvpn on Mikrotik, namely with client configs.

I will not describe the process of creating certificates, users, and other things.

At the output, we get the following files:

username.ovpn
ca.cert
client.cert
client.key

You can write everything into one username.ovpn file and enjoy life. The question is how to automate this process?

Perhaps there are options to create everything in the right service and transfer it to Mikrotik.

Reply

Answer the question

In order to leave comments, you need to log in

4 answer(s)

P

paran0id, 2020-09-03
@paran0id

I did it with ansible. I generated certificates, config according to the template, packed it all into a password-protected archive and sent it to the user.

K

ky0, 2020-09-03
@ky0

Since you already have all the necessary keys / certificates at the output - add them to the config, this is a dozen lines in bash / python / etc.

I

iddqda, 2020-09-03
@iddqda

something like this for example:

KEY_DIR=~/openvpn-ca/keys
OUTPUT_DIR=~/client-configs/files
BASE_CONFIG=~/client-configs/base.conf

cat ${BASE_CONFIG} \
    <(echo -e '<ca>') \
    ${KEY_DIR}/ca.crt \
    <(echo -e '</ca>\n<cert>') \
    ${KEY_DIR}/${1}.crt \
    <(echo -e '</cert>\n<key>') \
    ${KEY_DIR}/${1}.key \
    <(echo -e '</key>\n<tls-auth>') \
    ${KEY_DIR}/ta.key \
    <(echo -e '</tls-auth>') \
    > ${OUTPUT_DIR}/${1}.ovpn

M

mureevms, 2020-09-03
@mureevms

As written for you
https://notessysadmin.com/single-key-for-all-openv...